osresearch
commented
2 years ago Glad to hear you've made it past the login steps and are now into the command-and-control part.
You've guessed correctly about the cause -- I ran into a similar problem and didn't comment it very well in the code.
The trick is that the AES context is not reset after each message, so the "IV" for the second message is the chained cipher text from the previous message as if they were one continuous communication. The HCSocket python code uses the same self.aes_encrypt object until self.reset() is called after a reconnect, which reinitializes the encrypt/decrypt objects with the self.iv value.
Eroli
Hi everybody,
i am currently working on a C# port of this nice project. I am working with a WAV28G40 washer from Bosch and i am facing a strange issue.
I can successfully connect to the washer and receive the welcome msg (resource: /ei/initialValues).
I can successfully respond to that message with the RESPONSE action. The washing machine should now answer with the registeredDevices
When i receive the next (2nd) message from the washer, the first 16 bytes are broken. The received message starts like this
?,?S???↕??→?7@?"msgID":216593xxx,"resource":"/ci/registeredDevices", ...Based on this error I assume this should be an issue with the IV, since the remaining message is decrypted successfully. However, i am not able to find any difference to the python script. Therefore, i have some open questions looking to your feedback:Is the IV updated in any way or is the same one used for the whole communication?
If the IIV is updated, how does this take place?
If you have any hints for me regarding this error, please let me know :-)